I would like to ask if what format does the AZORult's malware "client" follow when reporting datas/infos to it's Server. So far, I know that it gets my computer info like Computer Name, GUID, Windows version, etc... and also I know that it steals data like cookies, passwords, etc...

What I need is 1) how it encrypts those data. 2) How it forms those data and send it to it's CnC. Thanks.